ln-313-review-docs-worker
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill architecture is designed for documentation management and follows strict internal contracts for state and artifact handling. No malicious code, exfiltration patterns, or unauthorized network operations were detected.
- [COMMAND_EXECUTION]: The skill includes Node.js runtime scripts that perform file system operations (read, write, delete, rename) to manage internal state and artifacts within the project's `.hex-skills` directory. It also implements process monitoring using `process.kill(pid, 0)`, which is a standard and safe method to check if a process ID is currently active without sending a termination signal.
- [PROMPT_INJECTION]: The skill processes technical notes and story context, which are external data sources, to generate documentation. While this creates a surface for indirect prompt injection, the risk is mitigated by the use of structured templates, a mandatory self-check phase, and the skill's specific focus on generating non-executable documentation artifacts.
Audit Metadata